[Samba] Re: Samba entries in the LDAP tree, help!

Alex itzaberhad at yahoo.com
Fri Oct 3 23:33:11 GMT 2003

I'm curious, the samba.schema is for Samba 2.0.  Is there a new Schema 
for Samba 3.0 that includes ACLs?

Ed Asbury wrote:

> I can NOT find any information on how to get the following into the LDAP tree (and where they should be located) from the documentation. I am definitely an LDAP beginner and assembling the tree from reading schema's is still over my head. I am able to connect to samba using only LDAP authentication and can add users, but that is all I can successfully do, "net groupmap add", "net group" returns nothing, "pdbedit -L" etc. fail miserably because I don't have everything I need in the tree (which I can see from setting the debugging to 2)it isn't finding these entries because I don't know where to put them and how this thing structurally should be laid out. Specifically where do the following fit into the LDAP tree; sambaGroupMapping, sambaUnixIdPool, sambaIdmapEntry (automatically created?), and sambaSidEntry.  
> I used the IdealX smbldap-populate.pl tool to get the basic structure there and have at least gotten the User authentication portion working.  But if someone could give me a clue of where to look (if I somehow missed it in the documents, but I don't see how because I read it from cover to cover) and/or how to get started on the rest of this, I would be eternally grateful.  
> So far the tree looks approximately as so;
> dc=vogeleusa, dc=com
> |_cn=root 
> |_ou=Computers (as created by smbldap-populate.pl, no entries here yet)
> |_ou=Groups (as created by smbldap-populate.pl)
>     |_cn=Domain Admins
>       .......
> |_ou=Users (as created by smbldap-populate.pl)
>     |_uid=Administrator
>     |_uid=root
>     |_uid=testuser
>       ........
> |_sambaDomainName(sambaDomain)=VOGELEUSA (created automatically by pdbedit or a net command, I have forgotten which)
> I would greatly appreciate any help as I have been working on TRYING to get LDAP and Samba to work together for over a week now and have had only minor luck in getting the two to cooperate.  Samba 3 does work fine with smbpasswd, I would just like to use LDAP exclusively for single sign.
> Ed Asbury
> Systems Admin/Programmer
> Vogele America, Inc.

More information about the samba mailing list